UPDATE!
The policy-problem was really fixed with this specially created patch.
Well, "fixed" is relative. The policy installation works without losing the adjacency IF the first cluster member is the active member. Otherwise a fail-over will ocur and then it looses the adjacency and we're having a ~2min. interrupt.
- The mentioned fix still isn't included in any public available HFA or release.
--> so we cannot update our FW to any newer release, which really pi** me off!
- A case with the fail-over is still hanging @Checkpoint since more than a half year!!
We had to give them very much debug-data (they lost some of our debug data, so we had it to give a second time.. ) but they still let us in darkness about their investigation.
We now really reached a point where we should think about other firewall-vendors. The support is absolutely the worst part of checkpoint!
Best wishes,
Manuel